The KaZaA network is one of the most popular file exchange networks using Peer-to-Peer (P2P) technology. Millions of people from all around the world are active users of the network that allows them to quickly dig up files they seek (such as MP3 files) and give other users access to data contained on their own computers.

On an infected computer "Benjamin" creates a directory accessible to other users of the KaZaA network and regularly copies itself into this directory under a multitude of different names, the amount of which counts several thousand. When a network user conducts a search for a file under a name corresponding with one the worm's pseudonyms the unsuspecting user is given the chance to download it from the infected computer. Thus, this is how Benjamin spreads itself through the KaZaA network. In addition to eating up free disk space Benjamin takes additional actions: under the name of the infected computer's owner it opens an anonymous web site from which it displays advertising banners. This way Benjamin's creator profits by the resulting increase in advertising displays.

"After Gnutella being attacked almost a year ago, it was to be expected that other fast growing P2P networks will be the next victims of virus writers" said Sorin Dudea, Virus Researcher at BitDefender, SOFTWIN. "The first Kazaa virus uses an impressive list of over 1000 titles including recent movies, MP3 songs or extremely valuable software kits, to trick users into downloading its body. Even if the virus doesnít specify this, it might be an attempt to stop software and DivX movies distribution through exchange file networks" Sorin concluded.

Spotlight

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been discovered. The flaw could allow an attacker to monitor or tamper with traffic to and from any hotel WiFi user's connection.

In this interview, Raj Samani, VP and CTO EMEA at Intel Security, talks about successful information security strategies aimed at the critical infrastructure, government challenges, the role of regulation, and more.